Google removes malicious Angry Birds apps from Android Market

This entry was posted by admin on June 15, 2011 at 2:38 am

To all the Angry Birdsfans playing the extremely popular game on your Android phone, beware of any Angry Birds application add-ons. Google has removed at least 10 apps from the Android Market which contain malicious code. All of the Angry Birds players who don’t use cheats to get through the game are most likely in the clear. The malware was found in apps pretending to be cheats or add-ons for Angry Birds.

The problem with Android apps, unlike with iPhone apps, is that the Android Market doesn’t vet its apps. Apple, on the other hand, is extremely strict about what it lets into its App Store, as we saw recently with the ban on DUI-related apps. Because Google doesn’t monitor the apps very carefully, it’s up to the developer community to step up and report any problems or anything fishy that arises.

Xuxian Jiang, an assistant professor of computer science at North Carolina State University, found the malicious apps last week. Some of those apps were infected with the spyware program Plankton. Plankton connects to a remote server and uploads important information about your phone, like the International Mobile Equipment Identity (IMEI) number, which identifies GSM, WCDMA, and iDEN phones. The IMEI numbers are often used to identify valid devices and can stop a phone that has been stolen from accessing the network. Additionally, Plankton also uploads information about your browser bookmarks and browsing history.

Webroot analysts Andrew Brandt and Amanda Orozco found Plankton was zeroing in on Angry Birds. Some of the apps in question were Angry Birds Rio Unlocker v1.0, Angry Birds Multi User v1.00 and Angry Birds Cheater Trainer Helper V2.0. Installing the apps will give you a welcome message telling you to “click on the button below to unlock all the levels in Angry Birds Rio.” The apps actually install additional code onto your phone which gives remote access and control of the handset to whoever created the malicious apps.

Google removed the programs in question on June 5. Unfortunately, malware can sit in apps potentially for months before someone finds it. Back in March, Google removed about 60 apps from the Android Market for malware concerns. Unfortunately, 200,000 people had already downloaded them.

In addition to Plankton, Jiang found other malicious programs as well. One that he discovered was YZHCSMS, a Trojan horse virus that sends an exorbitant amount of SMS messages to premium numbers to hike up your bill. Jiang said these apps were on the Android Market for three months before Google took them down.

So how do you keep your Android device safe? We suggest thinking twice before downloading anything you can’t verify came from a trusted source/developer. Clearly, an app that promises to unlock all the levels in Angry Birds is too good to be true. Though it’s still possible to download a malicious app from the Android Market, make sure you’re not downloading any apps from outside of the market or outside of another vetted app store like Amazon.